- Security
- By Ionut Ilascu
- January 9th, 2015
Banking Trojans Pose as ICS/SCADA Software
Industrial control systems are easy to compromise
- Security Blog
- By Ionut Ilascu
- December 11th, 2014
BlackEnergy APT Suspected of Exploiting Glitch in SIMATIC WinCC SCADA Software
A number of the victims associated with this campaign were running the Advantech/BroadWin WebAccess software
- Security Fixes and Improvements
- By Ionut Ilascu
- November 27th, 2014
Emergency Patch for WinCC Issued by Siemens
Exploit for vulnerabilities may already exist
- Security
- By Ionut Ilascu
- November 1st, 2014
Map of Publicly Available Industrial Control Systems Published
Minimum protection measure not applied on ICS
- Advisories
- By Ionut Ilascu
- October 29th, 2014
BlackEnergy Malware Hits Industrial Control Systems in the US
Lateral movement on the network has not been observed
- Security
- By Ionut Ilascu
- September 26th, 2014
Industrial Control Systems Equipment Difficult to Patch Against Shellshock Bug
Plenty of equipment running embedded Linux is affected
- Security
- By Ionut Ilascu
- July 15th, 2014
Most Critical Infrastructure Companies Struggle with Security
55% of the surveyed companies have only one individual in charge with IT security
- Security Fixes and Improvements
- By Eduard Kovacs
- May 16th, 2014
Yokogawa Fixes Buffer Overflow Vulnerabilities in ICS Products
Juan Vazquez and Julian Vilas Diaz are the ones who uncovered the security holes
- Security Blog
- By Eduard Kovacs
- April 29th, 2014
Siemens Patches Heartbleed Bug in Industrial Products
Two products have been patched, but three remain vulnerable
- Security Blog
- By Eduard Kovacs
- January 10th, 2014
Siemens Praised for Quickly Fixing Vulnerabilities in SCALANCE X-200 Switches
The devices are used to connect Industrial Control Systems components
- Security
- By Eduard Kovacs
- December 4th, 2013
ENISA Publishes Guide for Mitigating Cyberattacks Against ICS
The manual is mainly designed for ICS-CERC teams
- Security
- By Eduard Kovacs
- October 10th, 2013
ENISA Publishes White Paper on ICS Security Incidents
Organizations can learn a lot about incident response and prevention from ex-post analysis
- Security Blog
- By Eduard Kovacs
- September 24th, 2013
Schneider Electric Patches Hard-Coded Credentials Flaw in Quantum Ethernet Module
Almost two years have passed since the issue was first discovered
- Hacking News
- By Eduard Kovacs
- August 3rd, 2013
Expert Uses Decoy Water Plant to Show Chinese Hackers Are Targeting ICS
Trend Micro's Kyle Wilhoit presented his findings at Black Hat 2013
- Hacking News
- By Eduard Kovacs
- June 29th, 2013
ICS-CERT Warns of Brute-Force Attacks Against Critical Infrastructure Control Systems
The attackers attempted to gain access to process control networks
- Security Blog
- By Eduard Kovacs
- June 27th, 2013
Globecomm Launches Cyber Security Solutions Service Cytelics
The new service is designed to secure organizations that use ICS
- Advisories
- By Eduard Kovacs
- June 14th, 2013
ICS-CER and FDA Warn of Hard-Coded Password Flaws in 300 Medical Devices
Billy Rios and Terry McCorkle are the ones who identified the vulnerabilities